FireBird is a Remote Access Tool (or alternatively, when used in a malicious capacity, it is termed a Remote Access Trojan) or 'RAT'. On initial inspection, this may seem to be a legitimate piece of software, however, its list of capabilities/features (e.g. anti-detection, functionality without i
pushpush[.]net is a rogue site, similar to glagolinius.com, androidrecaptcha.info, tatilyerlerim.com, secretvideos2020.com and many others. It operates by presenting visitors with dubious content and generating redirects to other untrustworthy, even malicious web pages. Visitors to pushpush[.]net
Happychoose is a part of the GlobeImposter ransomware family. Typically, software of this type encrypts files, changes filenames and creates ransom messages. Happychoose renames files by appending the ".happychoose" extension to filenames. For example, it changes "1.jpg" to "1.jpg.happychoose", a
Discovered by Michael Gillespie, Jope is one of many ransomware-type programs belonging to the Djvu family. It encrypts victims' files, adds a new extension to filenames and creates a ransom message. Jope renames encrypted files by appending the ".jope" extension to filenames. For example, it ren
SearchYA is one of many potentially unwanted applications (PUAs) that are categorized as browser hijackers. SearchYA supposedly improves the browsing experience, however, it actually promotes the feed.search-ya.com fake search engine (by changing browser settings) and collects information relating
SearchSystem is an adware-type app that runs intrusive advertisement campaigns. The ads it delivers are unwanted, deceptive and possibly even malicious. This application also has characteristics commonly attributed to browser hijackers, such as browser modification and fake search engine promoti
PlusSpecial is a rogue app classified as adware that possesses browser hijacker characteristics. This application enables the placement of intrusive advertisements on any visited website. It also makes modifications to browsers to promote fake search engines (Safe Finder via akamaihd.net). Most
ZyNoXiOn is malicious software categorized as ransomware. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption. During the encryption process, all compromised files are appended with the ".ZyNoXiOn" extension. For example, a file named somet
Tab Recovery (also known as Tab Recovery - Save & Organize Your Tabs) is a browser hijacker that assigns certain browsers settings to tabrecovery.com and explormatrix.com. Therefore, it is classified as a potentially unwanted application (PUA). It promotes one fake and one dubious search engin
Discovered by MalwareHunterTeam, Ada Covid is ransomware designed to prevent victims from accessing their files by encryption. As with many ransomware programs, it renames all encrypted files and creates/displays ransom messages. Ada Covid renames files by appending the ".pdf" extension to filenam